In the last two years, organizations around the world have adapted to new ways of working, becoming familiar with terms like telecommuting, remote work and hybrid work, and learning to handle technology with greater skill. During the pandemic, this type of work generated some opportunities for employees and employers, but it also represented a challenge because of the cyber risks associated with remote work.
Among these risks are cyber attacks. Cybercriminals focused their strategies on attacking those organizations that were not prepared to face the digital world and what it entails.
The most common targets that facilitate cybercrime are:
- Remote workers using potentially insecure laptops, mobile devices, networks, and smart home devices.
- VPNs (Virtual Private Networks) and other unpatched software running on home systems.
- Computers with a poorly configured Remote Desktop Protocol (RDP) connection, which can be easily compromised through the use of previously stolen or easily cracked passwords.
- Cloud services with weak access controls.
An innovative ecosystem
Since 2009, there has been an ecosystem called Zero Trust, which is becoming relevant in this global scenario of teleworking. At its core are the critical data or business processes that must be protected; above all, it is an effective way to help mitigate risks in a hybrid work environment, where perimeters are fluid, workers are distributed and must continuously authenticate, and networks are segmented to reduce the potential for threat propagation.
Situations like these make it necessary to always apply the Zero Trust security premise or approach: “Never trust. Always check.” This is stated by Marielos Rosa, Operations Manager of ESET Central America, who adds that “as opposed to the perimeter security model whose premise is ‘trust and verify’, Zero Trust is based on the idea that, by default, organizations should never trust any internal or external entity entering its perimeter. This model offers an increasingly popular option to minimize cyber risk in a world characterized by hybrid cloud, remote work and multiple threat actors.”
According to ESET Latin America, in practice there are three implicit principles to help minimize the impact of breaches:
- All networks should be treated as untrusted: This should include home networks, public Wi-Fi networks (for example, in airports and coffee shops), and even local corporate networks. Cybercriminals are too determined for us to assume there are safe spaces left.
- Minimum privileges: If no network is trusted, users are also untrusted. After all, there is no guarantee that an account has not been hijacked or that a user within the organization is not a malicious actor. That means giving employees just enough privilege to get the job done, then regularly auditing access permissions and removing those that are no longer appropriate.
- Assume the breach: News of a new security breach is reported daily. By keeping their guard up, organizations will be vigilant and continue to enhance their defenses with the resilient mindset that Zero Trust suggests. Breaches are inevitable; the goal is to minimize their impact.
During the pandemic, it also became apparent that VPN solutions were in many cases unable to support large numbers of remote workers. They are increasingly a target of attack in their own right, especially if they are left outdated and unprotected. This is revealed by data from the special section on COVID-19 included in the most recent National Household Survey (Enaho), carried out by the National Institute of Statistics and Censuses (INEC) in July of this year.
Of the 296,079 people teleworking in Costa Rica, 83.6% began to apply this modality as a result of the COVID-19 pandemic, according to Enaho. The other workers (16.4%) had already been applying it since before the health emergency.
Given this panorama, every organization needs to take these three aspects into account to implement the Zero Trust model:
1. Visibility: It is necessary to identify the devices and assets that must be protected and monitor them. It is not possible to protect a resource that we do not know exists, so it is essential to have visibility of all the resources that belong to the organization or that have access to it.
2. Policies: Controls must be implemented that allow only specific people to have access to specific entities under specific conditions. This means that careful checks are required.
3. Automation: The automation of processes ensures the correct application of policies and allows the rapid application of measures against possible deviations.
With a Zero Trust environment, in addition to having control and knowledge of all the data at any time, in the event of a breach, the organization’s security teams are capable of accurately detecting when and from where data was stolen or manipulated, providing a rapid response capacity.